[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248268

 
 

909

 
 

195051

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2015-3165Date: (C)2015-06-04   (M)2023-12-22


Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service (crash) by closing an SSL session at a time when the authentication timeout will expire during the session shutdown sequence.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL
  
Reference:
BID-74787
APPLE-SA-2015-09-16-4
DSA-3269
DSA-3270
GLSA-201507-20
RHSA-2015:1194
RHSA-2015:1195
RHSA-2015:1196
USN-2621-1
http://www.postgresql.org/about/news/1587/
http://www.postgresql.org/docs/9.0/static/release-9-0-20.html
http://www.postgresql.org/docs/9.1/static/release-9-1-16.html
http://www.postgresql.org/docs/9.2/static/release-9-2-11.html
http://www.postgresql.org/docs/9.3/static/release-9-3-7.html
http://www.postgresql.org/docs/9.4/static/release-9-4-2.html
https://support.apple.com/HT205219

CPE    33
cpe:/o:debian:debian_linux:7.0
cpe:/o:canonical:ubuntu_linux:14.10
cpe:/a:postgresql:postgresql:9.2.7
cpe:/a:postgresql:postgresql:9.1.7
...
OVAL    16
oval:org.secpod.oval:def:505101
oval:org.secpod.oval:def:33747
oval:org.secpod.oval:def:702572
oval:org.secpod.oval:def:504985
...

© SecPod Technologies